CPX 2016 Moti Sagey Security Vendor Landscape

©2016 Check Point Software Technologies Ltd. 1©2016 Check Point Software Technologies Ltd.©2016 Check Point Software Technologies Ltd. [Protected] Non-confidential content
Moti Sagey | Head of Competitive Intelligence
SECURITY VENDOR LANDSCAPE
WHAT TO ASK, WHAT TO KNOW
AND HOW TO DECIDE

©2016 Check Point Software Technologies Ltd. 2
Uncompromised Security
Dynamic Architecture
Operational Simplicity
Commitment to Customer Success
WHAT DOES IT TAKE
TO WIN YOUR TRUST?

©2016 Check Point Software Technologies Ltd. 3[Protected] Non-confidential content
U N C O M P R O M I S E D S E C U R I T Y
In other words… Can you keep
the bad guys out????

“Not If You Are Using Outdated Thinking”?
“For the imagination of man's heart
is EVIL from his youth” -Genesis 8:21

What does advanced threat defense look
like today? The 5 styles
Real Time/
Near Real Time
Post Compromise
(Days/Weeks)
Payload Analysis/
Sandbox
S T Y L E 3
S T Y L E 2
Network
Forensics
Network Traffic
Analysis
S T Y L E 1
Endpoint Behavior
Analysis
S T Y L E 4
Endpoint
Forensics
S T Y L E 5
Time
Detective/
Detection
Retrospective/
Response
Check Point, Damballa,
Lancope, Fidelis,
Check Point, FireEye, Cisco
,Fortinet, Trend Micro, PAN
Check Point, Bromium,
CounterTack, Invincea,
Palo Alto Networks, IBM
(trusteer)
IBM (QRadar),FireEye
(nPulse) RSA
NetWitness, Blue
Coat (Solera)
Check Point, Bit9
(Carbon
Black),FireEye,
Tanium,Cisco
PAYLOAD
NETWORK
Source: http://www.gartner.com/newsroom/id/2595015
ENDPOINT

Firewall IPS VPN
Web AVURLFA-Spam AV Anti-X
Enterprise and Upper-Midsize Businesses
Small and Lower-Midsize Businesses
UTM
SSL VPN APP IDFW+IPS
Network Security Today - the Role of Convergence
Next-Generation
Firewall
Secure Mail
Gateway
Secure Web
Gateway
SandBox

IN GOD WE TRUST,
ALL OTHERS MUST
BRING DATA
THE CHALLENGE –
EVERY VENDOR
WILL TELL YOU
THEY ARE THE BEST
W.H Deming

IPS Recommended – Jan 2011
Best integrated IPS Security Score of 97.3%!
NGFW Recommended – April 2011
World’s first NSS Recommended NGFW!
FW Recommended – April 2011
Only vendor to pass the initial test!
NGFW Recommended – Jan 2012
Continued NGFW Leadership and Excellence!
IPS Recommended – July 2012
Leading integrated IPS Security Score of 98.7%!
FW Recommended – Jan 2013
Best Security + Management score of 100%!
IPS Individual Test – Feb 2013*
61000 IPS Security Score of 99%! 26.5G IPS
IPS Recommended – Nov 2013
100% Management score and Best annual Management Labor Cost
(Upkeep and Tuning)!
NGFW Recommended – Feb 2013
Best Security + Management Score of 98.5%!
• Individual product test and not part of a Group Test.
NSS only awards “Recommended” in Group Tests.
NGFW Recommended – Sept 2014
4th NGFW Recommended
BDS Recommended – Aug 2015
1st time tested , 100% unknown malware catch-rate
NGFW Recommended – Mar 2016
99.8% Catch rate and 5th NSS NGFW Recommended!
NSS labs- Check Point’s track record of
security leadership and excellence!

©2016 Check Point Software Technologies Ltd. 9©2016 Check Point Software Technologies Ltd.
0
1
0 0
4
2
0
3
5
4
3
0
11
4
6
8
2
0
Caution
Neutral
Recommended
©2016 Check Point Software Technologies Ltd.
9
NSS LABS: CHECK POINT THE ONLY VENDOR
WITH CONSISTENT “RECOMMENDED” RATING
• Source: NSS Labs * WAF & EPP not calculated
*

Check Point Sandblast
Recommended for Security Effectiveness and Value
100% HTTP Malware
100% SMB Malware
100% Email Malware
100% Drive-by-Exploits
(only vendor)
97.2% Detection Rate
Fastest solution (7Gbps)
Lowest TCO
SandBlast
TM

NSS security value map
breach detection Systems
*updated with 10Gb nic retest
Source:http://public.brighttalk.com/resource/core/89391/nss-bds-group-test-update-dec-2015_133131.pdf
10Gb nic retest
CHECK POINT

Yet another Proof, Industry’s Best Catch-rate
UNKNOWN MALWARE
IN MALICIOUS DOCUMENTS
100
90
80
70
60
50
40
30
20
10
0
95
50
40
60
80
CHECK POINT FIREEYE PALO ALTO
NETWORKS
CISCO
SOURCEFIRE
FORTINET
Source: Miercom APT Industry Assessment
%

UNKNOWN MALWARE
IN MOBILE APPLICAT I ONS
100
90
80
70
60
50
40
30
20
10
0
99
88
21
90
71
CHECK POINT FIREEYE PALO ALTO
NETWORKS
AVG LOOKOUT
Source: Lacoon competitive benchmark 2015
%
Yet another Proof, Industry’s Best Catch-rate

14

Check Point One Step Ahead in Detection
and Prevention of Threat Focused Apps
Potentially Risky Apps
Check
Point
Palo Alto
Networks
Fortinet Cisco
# of Anonymizers proxy/tunnel apps
(e.g. TOR, UltraSurf, HideMyAss…)
167 78 107 32
# of P2P apps
(e.g. Bitorrent, WinMX…)
341 129 85 51
# of File sharing apps
(e.g. Dropbox, Google Drive, Mega…)
885 270 291 246
# of Remote Admin apps
(e.g. TeamViewer, LogMeIn…)
136 93 91 93
Total number of apps 7,000 2,177 2,661 4,218
Average released apps per month
(Jan 2015-March 2016)
37 14 10 15
Source: Check Point AppWiki, PAN Applipedia, Fortinet FortiGuard, Cisco FirePower , as of March 30st 2016
[Protected ] Non-confidential content

Security Shortcuts Risk and Reward
Hidden configuration page

How to Expose Security Shortcuts in POC’s
DOWNLOAD THE GUIDE http://tiny.cc/poc-shortcuts

Traditional Sandboxes are Prone to Evasions
ATTACKERS CONSTANTLY DEVELOP
NEW DECPETION TECHNIQUES TO
BYPASS SANDBOXES
DECEPTION

Can the solution prevent threats from
getting to the network or it just tells you after the fact?1
Evaluating A Sandbox?: Top Questions
you should ask the vendor and Check for yourself

What is the maximum file size for inspection?2

Which file types you support (what about archives)?3

What type of Hypervisor for OS Images?
How To Import A Custom Image
From VMware Onto The McAfee ATD
4

23
Vulnerable (Bypassed More Than 100 Different Ways)

GOOGLE “HTTP EVADER”©2016 Check Point Software Technologies Ltd.
23

24
Protected. Period.
R77.30

24

25
VULNERABILITIES AND HOW VENDORS DEAL
WITH THEM

26
WITH THEM
234
Days

27
WITH THEM
134
Days

28
WITH THEM

29
WITH THEM
1096
Days

WHAT DOES IT TAKE
TO WIN YOUR TRUST?

D Y N A M I C A R C H I T E C T U R E
In other words…I don’t even know where my
own ecosystems begins and ends, how do I
deal with that?
[Protected] Non-confidential content

THE CHALLENGE OF SECURING BORDERLESS NETWORKS

Check Point Software Based Architecture
means Dynamic Agile Security

WHAT DOES IT TAKE
TO WIN YOUR TRUST?

OPERATIONAL SIMPLICITY
In other words… don’t tell me I will need
more people to run this stuff

The KISSME Challenge
Keeping IT Security Simple Manageable & Effective
http://tiny.cc/kissme1
Security function Check Point Palo Alto Fortinet Cisco NGFW
Challenge 1:
How Many Consoles Does it
Take?
Challenge 2:
A Day in the Life of an IT Admin
Allow G.Docs Download, Block CC Data
Challenge 4:
Ease of visibility
Challenge 3:Scaling for Growth
multi-tenancy , Obj. Separation, Global
pol. across domains, concurrent admins
4X
5
locations
3X
2
locations
1
Fastest
Time
1 location
sees it all
5X
5
locations
3 3 4
4:03
71 mouse
clicks
5:03
148 mouse
clicks
8:05
141 mouse
clicks
R80 PAN-OS 7.1 Forti-OS 5.4 6.0.1 (FTD)
1:45
45 mouse
clicks

1000
1500 1500
2000 2000
Check Point Fortinet Juniper PANCisco
Source: NSS Labs NGFW Group Test 2013
Improved Productivity
Man hours required for yearly management of 20 gateways per site
“The Check Point management remains the de facto “gold standard”
against which other consoles are measured” Gartner

Unmatched Unified Access Policy
[Restricted] ONLY for designated groups and individuals
Users Devices Applications Data Gateways Mobile Public Cloud Private Cloud

WHAT DOES IT TAKE
TO WIN YOUR TRUST?

CUSTOMER SUCCESS
In other words… how long will I be exposed
if something bad does happen?

41
9 hours
Check Point
Cisco
2 days
Fortinet
5 days
Heartbleed Shellshock Poodle-TLS Venom
22 hours
Check Point
18 hours
Check Point
30 hours
Check Point
Palo Alto
29 days
Fortinet
14 days
Palo Alto
56 days
Fortinet
10 days
Palo Alto
10 days
Fortinet
9 days
Sense of Urgency is in Our DNA
Full references at http://tiny.cc/dna-cp

2015,2016
Average Response Time for Top Vulnerabilities(ips)
SSL Drown Attack
50 minutes
Check Point
Palo Alto
900 min.
Cisco
98 min.
0 hours
Check Point
13 hours
Check Point
Palo Alto
10 days
Fortinet
9 hours
Palo Alto
5 days
Fortinet
5 days
Flash (In The Wild)
0days 2016
Full references at http://tiny.cc/dna-cp
11 Minutes
Check Point
Palo Alto
540 min.
Fortinet
60 min.
BADLOCK
Microsoft Patch
Tuesday

Competitors “IDEAL TESTING CONDITIONS” Sizing
Marketing Numbers Vs. Predictable Production Performance

Check Point , The Only Vendor to Provide
Predictable Production Performance for its customers
Marketing Numbers Vs. Predictable Production Performance

THE WORLD’S LARGEST SECURITY ECOSYSTEM
ENFORCEMENT
MANAGEMENT
THREAT INTELLIGENCE
INFRASTRUCTURE
MOBILITY
CLOUD
101TECHNOLOGY
PARTNERS

Operational SimplicityOperational Simplicity
Dynamic ArchitectureDynamic Architecture
Commitment to Customer SuccessCommitment to Customer Success
SUMMARY- CHECK POINT
ONE STEP AHEAD OF THE INDUSTRY

AVOID THE HYPE,
GET THE FACTS

THANK YOU

CPX 2016 Moti Sagey Security Vendor Landscape

More Related Content

What's hot

Viewers also liked

Similar to CPX 2016 Moti Sagey Security Vendor Landscape

More from Moti Sagey מוטי שגיא

CPX 2016 Moti Sagey Security Vendor Landscape